My apologies for such a naive question, but strangely I haven't come across this when reading on the Internet: from my PC to my router, isn't the signal unencrypted--I don't see any Wi-Fi encryption controls in Windows or in the Wi-Fi adapter documentation--so my next door neighbor conceivably could receive it? I understand the basics of wireless security once my PC is connected to a router. I am aware of the risk of using my PC on a public network like at a Starbucks. But the descriptions of the risk all seem to be about packet sniffing and access point spoofing on the network--no one seems to say anything about someone sitting next to me and setting his Wi-Fi adapter to my adapter's channel to receive my laptop's unencrypted transmissions to the access point. My and his Wi-Fi adapters are just fancy digital radios that I would think could communicate with each other. I know there is an infrastructure mode and a point to point mode, but he and I would be using infrastructure mode. Obviously I am missing something basic here. Thank you.

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

If you are using wireless encryption (WPA/WPA2/WEP) then the signal is encrypted - the access point and your computer share a key. If it's not then it's as encrypted as the communication protocol being used - HTTP/SMTP/FTP for example are UNENCRYPTED. SSH/HTTPS ARE encrypted.

A client will send unencrypted probes to find a network and learn its capabilities in terms of authentication and encryption but unless your link between the AP and client is unencrypted once you've associated to the AP you've nothing to worry about as long as you use WPA2/AES.

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Check out our on-demand webinar to learn more about how AI can help your organization!

"Infrastructure" means you would need something like a radius server running in your location to authenticate those who try to connect to the access point. That is usually not practical if you are using this privately. Normally you will only find that in companies. For private environments you would use "Pre-shared keys" (or "PSK") and not infrastructure, and as said above, with the WPA2/AES encryption.

So with WPA2/AES-PSK your communication between your Wireless card and the access point is encrypted. Your neighbor could receive the signal, but would have a pretty tough time trying to encrypt it and make sense of what you are doing.

0

E. Douglas (Doug) JensenConsultantAuthor Commented: 2015-03-24

I apologize that I was not clear in my question. Suppose there are two nearby computers with Wi-Fi, neither of which is connected to an access point (and thus a LAN/WAN), and they are using infrastructure mode. It seems to me that since neither the PC's nor their Wi-Fi radios encrypt transmissions (encryption doesn't happen until a PC connects to an access point/router), then both PC's transmit open signals and can receive each other's. There is the issue that they would both have to be using the same Wi-F- channel. Of course when the two PC's are connected through access points/routers and the Internet, they can see each other and encryption prevents either to connect to the other.

But my question is why can't the two nearby radios receive each others' signals in the clear when neither is connected to an access point/router/LAN/WAN and thus there is no encryption?

No data is being transmitted if they aren't connected to an access point. If you set them up Ad-Hoc, they have to connect to at least one other system to start transmitting. Would that data be encrypted? Not beyond the protocol as I stated before.

But my question is why can't the two nearby radios receive each others' signals in the clear when neither is connected to an access point/router/LAN/WAN and thus there is no encryption?

The client devices won't be trying to send data via the WLAN NIC. It's not like they just throw data over the air in an attempt to get something to listen to it.

0

E. Douglas (Doug) JensenConsultantAuthor Commented: 2015-03-24

Craig, I am asking about the case where one PC is using the Internet as usual, and another PC is eavesdropping on the "raw" unencrypted data from the first PC's NIC to its (first PC's) access point, without the second PC being connected to the LAN/WAN the first PC is using--or any network at all.

Consider a hypothetical case where

* the first PC is using a Wi-Fi NIC transmitter that has a 100 watt output connected to an access point as usual,

* and the second PC has a Wi-Fi high gain yagi attached to his WLAN NIC, pointed at the first PC.

Why can't the second PC tune his Wi-Fi NIC to the same Wi-Fi channel as the first PC NIC is transmitting on (e.g., using a MetaGeek product) and receive the unencrypted 2.5 gHz RF data being transmitted to the first PC's access point?

Must a Wi-Fi NIC be connected to an access point to receive anything? Is there some communication protocol involved that I don't know or understand that prevents a WLAN NIC from receiving the clear data directly from another (strong enough, same channel) NIC that is communicating normally via an access point?

Before the PC has authenticated with the AP, no network connection is established and no data is transferred. Once the connection is established, encryption is in place and then IP addresses are defined and after that data starts transferring. The strength of the signal makes absolutely no difference.

Craig, I am asking about the case where one PC is using the Internet as usual, and another PC is eavesdropping on the "raw" unencrypted data from the first PC's NIC to its (first PC's) access point, without the second PC being connected to the LAN/WAN the first PC is using--or any network at all.

If there is no encryption you can do this - and people do do it. That's 'why' we use encryption in the first place.

However, if the first PC connected to the internet is using encryption it won't ever send unencrypted traffic out of the WLAN NIC so the eavesdropping PC would only ever 'hear' encrypted frames. The first PC encrypts all data before it sends it over the air - it's not something that happens during transmission. That answers this bit...

Why can't the second PC tune his Wi-Fi NIC to the same Wi-Fi channel as the first PC NIC is transmitting on (e.g., using a MetaGeek product) and receive the unencrypted 2.5 gHz RF data being transmitted to the first PC's access point?

Must a Wi-Fi NIC be connected to an access point to receive anything?

No, as I just explained. You can eavesdrop but you'll only be able to collect whatever comes over the air, not what is just about to be encrypted.

Is there some communication protocol involved that I don't know or understand that prevents a WLAN NIC from receiving the clear data directly from another

No, just encryption.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.